Bugtraq: by date

130 messages starting Sep 04 12 and ending Sep 28 12

Tuesday, 04 September

[slackware-security] mozilla-firefox (SSA:2012-244-02) Slackware Security Team
[slackware-security] mozilla-thunderbird (SSA:2012-244-03) Slackware Security Team
[slackware-security] glibc (SSA:2012-244-01) Slackware Security Team
[ MDVSA-2012:149 ] fetchmail security
Admidio 2.3.5 Multiple security vulnerabilities sschurtz
[slackware-security] seamonkey (SSA:2012-244-04) Slackware Security Team
[slackware-security] slocate (SSA:2012-244-05) Slackware Security Team
Security Advisory AA-003: Directory Traversal Vulnerability in Conceptronic GrabnGo Network Storage mattijs
Security Advisory AA-004: Directory Traversal Vulnerability in Sitecom Home Storage Center mattijs
Secunia Research: Adobe Photoshop TIFF SGI24LogLum Decompression Buffer Overflow Secunia Research
Group-Office Calendar SQL Injection Joseph Sheridan

Wednesday, 05 September

QNAP Turbo NAS Multiple Path Injection Andrea Fabrizi
VMWare Tools susceptible to binary planting by hijack moshez
IPv6 implications on IPv4 nets: IPv6 RAs, IPv4, and VPN "evasion" Fernando Gont
eFront Educational v3.6.11 - Multiple Web Vulnerabilities Vulnerability Lab
ES Job Search Engine v3.0 - SQL injection vulnerability Vulnerability Lab
eFront Enterprise v3.6.11 - Multiple Web Vulnerabilities Vulnerability Lab
Barracuda Web Filter 910 5.0.015 - Multiple Vulnerabilities Vulnerability Lab
Ektron CMS - Multiple Vulnerabilities - Security Advisory - SOS-12-009 Lists
KIWICON: THE ANNUCIATION Kiwicon
Cross-Site Scripting (XSS) Vulnerabilities in Flogr advisory
Cross-Site Scripting (XSS) in Kayako Fusion advisory
Cross-Site Request Forgery (CSRF) in TestLink advisory
[IMF 2013] Call for Papers Oliver Goebel
APPLE-SA-2012-09-05-1 Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10 Apple Product Security
[Rooted CON 2013] CFP starts! Román Ramírez
[SECURITY] [DSA 2538-1] moin security update Raphael Geissert

Thursday, 06 September

[SECURITY] [DSA 2539-1] zabbix security update Raphael Geissert
[CVE-2012-3373] Apache Wicket XSS vulnerability via manipulated URL parameter Carl-Eric Menzel
Internet Explorer Script Interjection Code Execution (updated) ds . adv . pub
[security bulletin] HPSBMU02811 SSRT100937 rev.1 - HP Business Availability Center (BAC) Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), and Web Session Hijacking security-alert

Monday, 10 September

[SECURITY] [DSA 2540-1] mahara security update Raphael Geissert
[SECURITY] [DSA 2541-1] beaker security update Raphael Geissert
[SECURITY] [DSA 2542-1] qemu-kvm security update Raphael Geissert
[SECURITY] [DSA 2543-1] xen-qemu-dm-4.0 security update Raphael Geissert
[SECURITY] [DSA 2544-1] xen security update Raphael Geissert
[SECURITY] [DSA 2545-1] qemu security update Raphael Geissert

Tuesday, 11 September

[ MDVSA-2012:150 ] java-1.6.0-openjdk security
[SE-2012-01] Security vulnerabilities in IBM Java Security Explorations
ESA-2012-032: RSA BSAFE(r) Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks Security Alert
nullcon CTF HackIM is on nullcon
Wordpress Download Monitor - Download Page Cross-Site Scripting Joseph Sheridan
[PRE-SA-2012-06] FreeRADIUS: Stack Overflow in TLS-based EAP Methods Timo Warns
GreHack 2012 - 19th Oct. Grenoble, France - Call For [ Participation, Student Grants Application, Music Bands/Artists/DJ ] Fabien DUCHENE
Multiple vulnerabilities in Ezylog photovoltaic management server roberto
ESA-2012-029: RSA BSAFE(r) SSL-C Multiple Vulnerabilities Security Alert
VUPEN - Adobe Flash Player "Matrix3D" Integer Overflow Code Execution (APSB12-19) VUPEN Security Research
VUPEN - Microsoft Windows Common Controls MSCOMCTL.OCX Use-after-free (CVE-2012-1856 / MS12-060) VUPEN Security Research
VUPEN - Mozilla Firefox "nsHTMLEditRules" Remote Use-after-free (CVE-2012-3958 / MFSA 2012-58) VUPEN Security Research

Wednesday, 12 September

[SECURITY] [DSA 2546-1] freeradius security update Nico Golde
[ MDVSA-2012:151 ] ghostscript security

Thursday, 13 September

Cisco Security Advisory: Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Unified Presence and Jabber Extensible Communications Platform Stream Header Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Security Advisory AA-007: Arbitrary File Upload Vulnerability in Sitecom Home Storage Center mattijs
Security Advisory AA-007: Command Injection Vulnerability in Sitecom Home Storage Center mattijs
[SECURITY] [DSA 2547-1] bind9 security update Florian Weimer
APPLE-SA-2012-09-12-1 iTunes 10.7 Apple Product Security
Knowledge Base EE v4.62.0 - SQL Injection Vulnerability Vulnerability Lab
Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities Vulnerability Lab

Friday, 14 September

[ MDVSA-2012:152 ] bind security
[SECURITY] [DSA 2548-1] tor security update Moritz Muehlenhoff

Monday, 17 September

[SECURITY] [DSA 2480-4] request-tracker3.8 regression update Raphael Geissert
[SECURITY] [DSA 2549-1] devscripts security update Raphael Geissert
[ MDVSA-2012:153 ] dhcp security
[SECURITY] [DSA 2548-1] Debian Security Team PGP/GPG key change notice Nico Golde
ipv6mon v1.0 released! (IPv6 address monitoring daemon) Fernando Gont
ASTPP VoIP Billing (4cf207a) - Multiple Web Vulnerabilities Vulnerability Lab
NeoBill CMS v0.8 Alpha - Multiple Web Vulnerabilities Vulnerability Lab
[INTREST SEC] Atlassian Confluence Wiki XSS Vulnerability INTREST SEC
[slackware-security] patch (SSA:2012-257-02) Slackware Security Team
[slackware-security] bind (SSA:2012-257-01) Slackware Security Team
[slackware-security] dhcp (SSA:2012-258-01) Slackware Security Team
IPv6 Toolkit v1.2.3 released! (and upcoming IPv6 security trainings) Fernando Gont
[IA38] NCMedia Sound Editor Pro v7.5.1 MRUList201202.dat File Handling Local Buffer Overflow Inshell Security
Secunia Research: Novell GroupWise iCalendar Date/Time Parsing Denial of Service Secunia Research
[waraxe-2012-SA#089] - Multiple Vulnerabilities in TorrentTrader 2.08 come2waraxe
[Positive Research] Intel SMEP overview and partial bypass on Windows 8 (whitepaper) noreply

Tuesday, 18 September

Axis VoIP Manager v2.1.5.7 - Multiple Web Vulnerabilities Vulnerability Lab
SonicWALL EMail Security 7.3.5 - Multiple Vulnerabilities Vulnerability Lab
Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities Vulnerability Lab
[security bulletin] HPSBMU02813 SSRT100712 rev.1 - HP Operations Orchestration, Remote Execution of Arbitrary Code security-alert
Fortigate UTM WAF Appliance - Cross Site Vulnerabilities Vulnerability Lab
APPLE-SA-2012-09-17-1 Apple Remote Desktop 3.5.3 Apple Product Security
NGS00267 Patch Notification: Symantec Messaging Gateway SSH with backdoor user account NCC Group Research
NGS00268 Patch Notification: Symantec Messaging Gateway Out-of-band stored XSS - delivered by email NCC Group Research
NGS00263 Patch Notification: Symantec Messaging Gateway - Easy CSRF to add a backdoor-administrator NCC Group Research
NGS00265 Patch Notification: Symantec Messaging Gateway - Unauthenticated detailed version disclosure NCC Group Research
NGS00266 Patch Notification: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL NCC Group Research
Vbulletin (blog_plugin_useradmin) v4.1.12 Sql Injection Vulnerability irist . ir

Wednesday, 19 September

[SECURITY] [DSA 2550-1] asterisk security update Moritz Muehlenhoff
Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities sschurtz

Friday, 21 September

[2.0 Update] Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client Cisco Systems Product Security Incident Response Team
[security bulletin] HPSBMU02815 SSRT100715 rev.2 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution security-alert
APPLE-SA-2012-09-19-1 iOS 6 Apple Product Security
APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004 Apple Product Security
APPLE-SA-2012-09-19-3 Safari 6.0.1 Apple Product Security

Monday, 24 September

[security bulletin] HPSBMU02815 SSRT100715 rev.3 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution security-alert
[SECURITY] [DSA 2551-1] isc-dhcp security update Nico Golde
GreHack 2012 - 19th Oct. Grenoble, France - Conference + CTF - Call For [ Participation, Student Grants Application, Music Bands/Artists/DJ ] Fabien DUCHENE
[CVE-ID REQUEST] Atlassian Confluence - Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities Robert Gilbert
[Announcement] ClubHack Magazine's Sept 2012 Issue Out abhijeet
ESA-2012-037: RSA(r) Authentication Agent 7.1 for Microsoft Windows(r) and RSA(r) Authentication Client 3.5 Access Control Vulnerability Security Alert
Toshiba ConfigFree CF7 File Stack Buffer Overflow (ProfileName) Joseph Sheridan
Toshiba ConfigFree CF7 File Remote Command Execution Joseph Sheridan
Toshiba ConfigFree CF7 File Stack Buffer Overflow (Comment Field) Joseph Sheridan
DDIVRT-2012-42 Novell GroupWise Agents Arbitrary File Retrieval (CVE-2012-0419) ddivulnalert
CVE-2012-4415: guacamole local root vulnerability Timo Juhani Lindfors
[Positive Research] Intel SMEP Part II: Bypassing Intel SMEP on Windows 8 x64 Using Return-oriented Programming noreply
APPLE-SA-2012-09-24-1 Apple TV 5.1 Apple Product Security

Tuesday, 25 September

[SE-2012-01] Critical security issue affecting Java SE 5/6/7 Security Explorations
[waraxe-2012-SA#090] - Insecure SSL Connection in Thomson SpeedTouch ST780 come2waraxe
[Announcement] CHMag - Call for Articles abhijeet
[Full-disclosure] "Dell Data Protection | Access" for Windows contains and installs outdated, superfluous and vulnerable system components and 3rd party components/drivers Stefan Kanthak

Thursday, 27 September

[SECURITY] [DSA 2550-2] asterisk regression update Moritz Muehlenhoff
Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Intrusion Prevention System Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Malformed Border Gateway Protocol Attribute Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Tunneled Traffic Queue Wedge Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software DHCP Version 6 Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software DHCP Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
[SECURITY] [DSA 2554-1] iceape security update Yves-Alexis Perez
[SECURITY] [DSA 2552-1] tiff security update Luciano Bello
XSS in OSSEC wui 0.3 A. Ramos
NGS00254 Patch Notification: Apple Mac OS X Lion USB Hub Class Hub Descriptor Arbitrary Code Execution NCC Group Research
[IMF 2013] 2nd Call for Papers Oliver Goebel

Friday, 28 September

[ MDVSA-2012:154 ] apache security
[ MDVSA-2012:155 ] xinetd security